<?php
/*
 * user 控制器
 */
require_once APP_ROOT.'/include/action/commonAction.php';
class User_Action extends commonAction{

	function index(){
		$page_title = '用户管理';
		extract($this -> options_cache);
		$site_title = $page_title . ' - ' . $site_name;

		$User_Model = new User_Model();
		$users = $User_Model -> getUsers();
		include View::getView('user_index');
	}

	function edit(){
		$uid = isset($_GET['uid'])?intval($_GET['uid']):0;
		if($uid):
			$page_title = '编辑用户';
			$User_Model = new User_Model();
			$user = $User_Model -> getOneUser($uid);
		else:
			$page_title = '新增用户';
			$user = array(
				'uid' => 0,
				'username' => '',
				'password' => '',
				'role' => 'member',
				'email' => '',
				'phone' => '',
				'description' => '',
				);
		endif;

		extract($this -> options_cache);
		$site_title = $page_title . ' - ' . $site_name;

		include View::getView('user_edit');
	}

	function handle(){
		$token = isset($_REQUEST['token']) ? addslashes($_REQUEST['token']) : '';
        if ($token != LoginAuth::genToken()) {
            exit('{"code":108,"msg":"权限不足！"}');
        }

        if(ROLE!=ROLE_ADMIN){
        	exit('{"code":108,"msg":"管理员功能，无权操作！"}');
        }

		$action = isset($_POST['action'])?trim($_POST['action']):'';
		$methodName = 'handle_'.$action;
		if(method_exists($this, $methodName)){
			$this -> $methodName();
		}
	}

	private function handle_save(){
		$uid = isset($_POST['uid'])?intval($_POST['uid']):0;
        $username = isset($_POST['username'])?addslashes(trim($_POST['username'])):'';
        $nickname = isset($_POST['nickname'])?addslashes(trim($_POST['nickname'])):'';
        $email = isset($_POST['email'])?addslashes(trim($_POST['email'])):'';
        $phone = isset($_POST['phone'])?addslashes(trim($_POST['phone'])):'';
        $description = isset($_POST['description'])?addslashes(trim($_POST['description'])):'';
        $role = isset($_POST['role'])?addslashes(trim($_POST['role'])):'member';
        $password1 = isset($_POST['password1'])?addslashes(trim($_POST['password1'])):'';
        $password2 = isset($_POST['password2'])?addslashes(trim($_POST['password2'])):'';

        $User_Model = new User_Model();
        $PHPASS = new PasswordHash(8, true);
        if($uid){
            $userData = array(
                'nickname' => $nickname,
                'email' => $email,
                'phone' => $phone,
                'description' => $description,
                'role' => $role,
            );
            if(!empty($password1)){
                if(strlen($password1)<6){
                    exit('{"result":101,"msg":"密码长度不能少于6位！"}');
                }
                if($password1 != $password2){
                    exit('{"result":101,"msg":"两次密码输入不一致！"}');
                }
                $password = $PHPASS->HashPassword($password1);
                $userData['password'] = $password;
            }
            if($User_Model->isUserExist($username, $uid)){
                exit('{"result":101,"msg":"该用户名已经存在！"}');
            }
            $User_Model -> updateUser($userData, $uid);
            exit('{"result":200,"msg":"用户更新成功！"}');
        }else{
        	if(strlen($username)<5){
	            exit('{"result":101,"msg":"用户名不能少于5位！"}');
	        }
            if(empty($password1)){
                exit('{"result":101,"msg":"请设置用户登录密码！"}');
            }
            if(strlen($password1)<6){
                exit('{"result":101,"msg":"密码长度不能少于6位！"}');
            }
            if($password1 != $password2){
                exit('{"result":101,"msg":"两次密码输入不一致！"}');
            }
            $password = $PHPASS->HashPassword($password1);
            $userData = array(
                'username' => $username,
                'nickname' => $nickname,
                'email' => $email,
                'phone' => $phone,
                'description' => $description,
                'role' => $role,
                'password' => $password,
                'addtime' => time(),
            );
            if($User_Model->isUserExist($username)){
                exit('{"result":101,"msg":"该用户名已经存在！"}');
            }
            $User_Model -> addUser($userData);
            exit('{"result":200,"msg":"用户添加成功！"}');
        }
	}

	function handle_del(){
		$uid = isset($_POST['uid'])?intval($_POST['uid']):0;
		if(!$uid){
			exit('{"result":911,"msg":"请选择正确的删除对象！"}');
		}

		$User_Model = new User_Model();
		$User_Model -> deleteUser($uid);
		exit('{"result":200,"msg":"删除操作完成！"}');
	}

}